package com.huazhi.wzsnw.Filter;//package com.huazhi.digitalculture.Filter;
//
//import com.huazhi.digitalculture.model.User;
//import org.apache.shiro.authc.AuthenticationToken;
//import org.apache.shiro.subject.Subject;
//import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
//import org.apache.shiro.web.util.WebUtils;
//
//
//import javax.servlet.ServletRequest;
//import javax.servlet.ServletResponse;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpSession;
//
////写该类是为了在此处将登录成功的用户信息存储在session中。注意该类是继承FormAuthenticationFilter类重写，
//// 重写它的onLoginSuccess即shiro登录成功后的处理方法。
//public class MyFormFilter extends FormAuthenticationFilter {
//    @Override

//    protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
//        User user=(User)subject.getPrincipal();//获取自定义realm（即本案例的MyRealm）中SimpleAuthenticationInfo存储的用户名。获取密码是subject.getCredentials()
//        //然后将获取到的信息存储到Session中
//        HttpServletRequest httpServletRequest= WebUtils.toHttp(request);//将ServletRequest 转化成HttpServletRequest，ServletRequest似乎是HttpServletRequest的父类
//        HttpSession session = httpServletRequest.getSession();//获取session对象
//        session.setAttribute("user",user);
//        return super.onLoginSuccess(token, subject, request, response);
//    }
//}
